Various kinds of computing devices, from personal computers to mobile devices, are becoming increasingly popular. In addition, people are increasingly using these devices for both business purposes and personal uses. As these devices continue to grow in popularity and people continue to use them for an ever-growing number of reasons, the users of these devices have demanded and will continue to demand greater convenience, functionality, and ease-of-use from their computing devices and the computer software with which they interact.
Companies have increasingly turned to mobile devices as a way to provide employees and customers with better access to enterprise services and resources. Users may be able to utilize personal devices to access enterprise resources by providing authentication information in the form of a passcode, such as a password or personal identification number (PIN). However, current systems do not provide suitable means for allowing applications to share authentication state and access to enterprise resources. Instead, current systems may utilize inter-process communication (IPC) via a “master” application to share authentication state between applications. As a result, current systems may present a user with constant context switches, or “flips,” between a mobile application and a master application. Upon each context switch, current systems may require that the user enter his passcode once again. Such behaviors may seem random and inexplicable to users, and interfere with a user's uninterrupted access to enterprise resources.
Further, some current systems may implement state sharing via IPC by embedding shared secrets within an application itself. This approach has the disadvantage of being vulnerable to reverse engineering, as an attacker could extract the shared secret from the application.